Doug,
Most lists confirm the email-address by mailing back a link to verify
that the participant indeed receives email at that email-address and
wishes to subscribe to the list, a double op-in. Will participants on
a list need to have their own certificate? You seem to be validating
Phillip's concept of using trusted certificates rather than DKIM's
self issued public keys.
That's not really where I was going. What I more envision is that a
mailing list will have its own reputation that will match the LCD of the
list, just as you say, but that the way to protect against that is for
lists to be at least a little picky about who they allow on. After all,
we've said that dkim is just a part of the solution, and we've indicated
that reputation systems are important (albeit out of scope for this
group), so why not let them address this problem as well?
Sender beware. If it were to become common practice to overlay or
remove the DKIM signature upon delivery...
The ONLY time one removes a signature is when one breaks it.
Eliot
_______________________________________________
ietf-dkim mailing list
http://dkim.org